RedSeal, a leader in the cybersecurity analytics market, has released the results of a CEO study, which exposes significant disconnect between CEOs’ confidence in defense strategies and actual results.
“CEOs are underestimating their companies’ cyber vulnerabilities,” said Ray Rothrock, Chairman and CEO of RedSeal. “Their confidence does not square with what we observe. Cyber-attacks are up and financial losses associated with these attacks are increasing dramatically.”
This is a particularly acute problem in the Middle East, where according to PricewaterhouseCoopers’ 2016 report on Cybersecurity in the Middle East, companies in the region suffered larger financial losses than their global counterparts as a result of cyber-attacks with 50% reporting losses greater than US$500,000 as opposed to 33% globally.
The report is based on a survey of 200 chief executive officers from organizations across a host of major industries, including technology, finance, manufacturing, government and retail. The RedSeal study found that
- More than 80 percent of CEOs are very confident in their firm’s cybersecurity strategies, despite the fact that security incidents have surged.
- Almost half of the CEOs still prioritize keeping hackers out of the network, versus just 24 percent who were concerned with building capabilities to deal with hackers who have successfully breached their network’s perimeter defenses.
- While 87 percent of CEOs agree that they need a better way to measure the effectiveness of their cybersecurity investments, 84 percent still plan to increase their spending in the next year.
- Nearly three out of four CEOs report the metrics they receive lack meaning or context. Most (79 percent) agree their reports are too difficult to understand, and 87 percent need a better way to measure whether cybersecurity investments are effective.
- Nearly 90 percent of CEOs say they want information – on a daily basis – about their cybersecurity posture and network’s overall health, external threat level, and the resilience of the network.
- While 79 percent of CEOs surveyed strongly agree that cybersecurity is a strategic function that starts with executive leadership versus being a responsibility passed on to the IT team, 89 percent of these same CEOs report reliance on their IT team to make the budget decisions on cybersecurity.
Firewalls, virus detectors, and malware scans are required to keep out 99 percent of the bad guys, but the one percent who get in can cripple a firm, critical infrastructure or a government agency explained Rothrock.
